HELP!!! LDAP jazz groups with spaces
Hello,
according to company policies we have to have LDAP groups with spaces in names
e.g.
cn=SG jazz-server01 JazzAdmins
how we should set group mapping parameter?
e.g.
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=...
thank you in advance
David Csikkel
according to company policies we have to have LDAP groups with spaces in names
e.g.
cn=SG jazz-server01 JazzAdmins
how we should set group mapping parameter?
e.g.
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=...
thank you in advance
David Csikkel
5 answers
Yes, thats correct.
Did you encounter any problems after configuring the LDAP groups ? You can use https://serverName:9443/jazz/setup to configure your LDAP server. You can test the configuration using "Test connection" button in the ldap setup page. This will query the groups in LDAP and test your configuration.
--- Balaji
Jazz Server Team
Did you encounter any problems after configuring the LDAP groups ? You can use https://serverName:9443/jazz/setup to configure your LDAP server. You can test the configuration using "Test connection" button in the ldap setup page. This will query the groups in LDAP and test your configuration.
--- Balaji
Jazz Server Team
Hello,
according to company policies we have to have LDAP groups with spaces in names
e.g.
cn=SG jazz-server01 JazzAdmins
how we should set group mapping parameter?
e.g.
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=...
thank you in advance
David Csikkel
Story:
We have had confugured server and it was working right.
But unfortunatelly we should rename groups:
JazzAdmins -> SG jazzz-server01 JazzAdmins
JazzDWAdmins -> SG jazzz-server01 JazzDWAdmins
JazzGuest -> SG jazzz-server01 JazzGuest
JazzUsers -> SG jazzz-server01 JazzUsers
JazzProjectAdmins -> SG jazzz-server01 JazzProjectAdmins
We tried following:
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=SG jazz-server01 JazzUsers,...
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\="SG jazz-server01 JazzAdmins", JazzUsers\="SG jazz-server01 JazzUsers",...
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\='SG jazz-server01 JazzAdmins', JazzUsers\='SG jazz-server01 JazzUsers',...
But nothing works :-(
Any suggestions?
TYIA
DC
We have had confugured server and it was working right.
But unfortunatelly we should rename groups:
JazzAdmins -> SG jazzz-server01 JazzAdmins
JazzDWAdmins -> SG jazzz-server01 JazzDWAdmins
JazzGuest -> SG jazzz-server01 JazzGuest
JazzUsers -> SG jazzz-server01 JazzUsers
JazzProjectAdmins -> SG jazzz-server01 JazzProjectAdmins
We tried following:
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=SG jazz-server01 JazzUsers,...
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\="SG jazz-server01 JazzAdmins", JazzUsers\="SG jazz-server01 JazzUsers",...
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\='SG jazz-server01 JazzAdmins', JazzUsers\='SG jazz-server01 JazzUsers',...
But nothing works :-(
Any suggestions?
TYIA
DC
Yes, thats correct.
Did you encounter any problems after configuring the LDAP groups ? You can use https://serverName:9443/jazz/setup to configure your LDAP server. You can test the configuration using "Test connection" button in the ldap setup page. This will query the groups in LDAP and test your configuration.
--- Balaji
Jazz Server Team
Hello,
according to company policies we have to have LDAP groups with spaces in names
e.g.
cn=SG jazz-server01 JazzAdmins
how we should set group mapping parameter?
e.g.
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=...
thank you in advance
David Csikkel
Definitely the ones with double and esingle quotes would not work.
Can you elaborate "it didn't work".
Note: The information provided in the Jazz setup wizard is only used by nightly sync task and viewing the groups of the user.
The ldap group mapping must be configured correctly in tomcat server.xml / web.xml to setup the authentication / authorization via the web container.
Please elaborate on what's not working..
--- Balaji
Can you elaborate "it didn't work".
Note: The information provided in the Jazz setup wizard is only used by nightly sync task and viewing the groups of the user.
The ldap group mapping must be configured correctly in tomcat server.xml / web.xml to setup the authentication / authorization via the web container.
Please elaborate on what's not working..
--- Balaji
Story:
We have had confugured server and it was working right.
But unfortunatelly we should rename groups:
JazzAdmins -> SG jazzz-server01 JazzAdmins
JazzDWAdmins -> SG jazzz-server01 JazzDWAdmins
JazzGuest -> SG jazzz-server01 JazzGuest
JazzUsers -> SG jazzz-server01 JazzUsers
JazzProjectAdmins -> SG jazzz-server01 JazzProjectAdmins
We tried following:
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=SG jazz-server01 JazzUsers,...
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\="SG jazz-server01 JazzAdmins", JazzUsers\="SG jazz-server01 JazzUsers",...
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\='SG jazz-server01 JazzAdmins', JazzUsers\='SG jazz-server01 JazzUsers',...
But nothing works :-(
Any suggestions?
TYIA
DC
Yes, thats correct.
Did you encounter any problems after configuring the LDAP groups ? You can use https://serverName:9443/jazz/setup to configure your LDAP server. You can test the configuration using "Test connection" button in the ldap setup page. This will query the groups in LDAP and test your configuration.
--- Balaji
Jazz Server Team
Hello,
according to company policies we have to have LDAP groups with spaces in names
e.g.
cn=SG jazz-server01 JazzAdmins
how we should set group mapping parameter?
e.g.
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=...
thank you in advance
David Csikkel
Easily said,
we had properly running server with LDAP login (default name of groups).
When we had to install another server we needed another jazz groups on LDAP.
We decide to rename current groups and create new ones
renamed:
JazzAdmins -> SG jazz-server01 JazzAdmins
JazzDWAdmins -> SG jazz-server01 JazzDWAdmins
JazzGuest -> SG jazz-server01 JazzGuest
JazzUsers -> SG jazz-server01 JazzUsers
JazzProjectAdmins -> SG jazz-server01 JazzProjectAdmins
created:
SG jazz-server02 JazzAdmins
SG jazz-server02 JazzDWAdmins
SG jazz-server02 JazzGuest
SG jazz-server02 JazzUsers
SG jazz-server02 JazzProjectAdmins
and problems appeared
so we changed users from LDAP to TOMCAT
we assumed that problem was connected with spaces in names
we have started to elaborate with the ' and " and at last we tried to rename groups
SG jazz-server02 JazzAdmins -> SG_jazz-server02_JazzAdmins
SG jazz-server02 JazzDWAdmins -> SG_jazz-server02_JazzDWAdmins
...
when we logged to Jazz via TOMCAT and changed it to LDAP wia web interface
we was able to import new users from LDAP it meant connection into LDAP was correct.
Although we changed contect.xml and server.xml as well (we reused existing from previous properly running jazz instance)
('<' and '>' are replaced by '*')
context.xml:
*Context*
*WatchedResource*WEB-INF/web.xml*/WatchedResource*
*Realm
className = "org.apache.catalina.realm.JNDIRealm"
debug = "99"
connectionURL = "ldap://ldap.tieto.com:389"
connectionName = "xxx"
connectionPassword = "xxx"
referrals = "follow"
userBase = "ou=tead, dc=eu, dc=tieto, dc=com"
userSearch = "(sAMAccountName={0})"
userSubtree = "true"
roleBase = "OU=Security groups,OU=Groups,OU=Czech Republic,ou=tead,dc=eu,dc=tieto,dc=com"
roleSubtree = "true"
roleSearch = "(member={0})"
roleName = "cn"
/*
*/Context*
server.xml:
...
*!--
*Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"
digest="SHA-1"
digestEncoding="UTF-8"/*
--*
...
the login was not possible.
Is there some limitation for the length of group names or for usage of "-" in name?
BR
David Csikkel
Consultant, Tieto
we had properly running server with LDAP login (default name of groups).
When we had to install another server we needed another jazz groups on LDAP.
We decide to rename current groups and create new ones
renamed:
JazzAdmins -> SG jazz-server01 JazzAdmins
JazzDWAdmins -> SG jazz-server01 JazzDWAdmins
JazzGuest -> SG jazz-server01 JazzGuest
JazzUsers -> SG jazz-server01 JazzUsers
JazzProjectAdmins -> SG jazz-server01 JazzProjectAdmins
created:
SG jazz-server02 JazzAdmins
SG jazz-server02 JazzDWAdmins
SG jazz-server02 JazzGuest
SG jazz-server02 JazzUsers
SG jazz-server02 JazzProjectAdmins
and problems appeared
so we changed users from LDAP to TOMCAT
we assumed that problem was connected with spaces in names
we have started to elaborate with the ' and " and at last we tried to rename groups
SG jazz-server02 JazzAdmins -> SG_jazz-server02_JazzAdmins
SG jazz-server02 JazzDWAdmins -> SG_jazz-server02_JazzDWAdmins
...
when we logged to Jazz via TOMCAT and changed it to LDAP wia web interface
we was able to import new users from LDAP it meant connection into LDAP was correct.
Although we changed contect.xml and server.xml as well (we reused existing from previous properly running jazz instance)
('<' and '>' are replaced by '*')
context.xml:
*Context*
*WatchedResource*WEB-INF/web.xml*/WatchedResource*
*Realm
className = "org.apache.catalina.realm.JNDIRealm"
debug = "99"
connectionURL = "ldap://ldap.tieto.com:389"
connectionName = "xxx"
connectionPassword = "xxx"
referrals = "follow"
userBase = "ou=tead, dc=eu, dc=tieto, dc=com"
userSearch = "(sAMAccountName={0})"
userSubtree = "true"
roleBase = "OU=Security groups,OU=Groups,OU=Czech Republic,ou=tead,dc=eu,dc=tieto,dc=com"
roleSubtree = "true"
roleSearch = "(member={0})"
roleName = "cn"
/*
*/Context*
server.xml:
...
*!--
*Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"
digest="SHA-1"
digestEncoding="UTF-8"/*
--*
...
the login was not possible.
Is there some limitation for the length of group names or for usage of "-" in name?
BR
David Csikkel
Consultant, Tieto
Definitely the ones with double and single quotes would not work.
Can you elaborate "it didn't work".
Note: The information provided in the Jazz setup wizard is only used by nightly sync task and viewing the groups of the user.
The ldap group mapping must be configured correctly in tomcat server.xml / web.xml to setup the authentication / authorization via the web container.
Please elaborate on what's not working..
--- Balaji
Story:
We have had confugured server and it was working right.
But unfortunatelly we should rename groups:
JazzAdmins -> SG jazzz-server01 JazzAdmins
JazzDWAdmins -> SG jazzz-server01 JazzDWAdmins
JazzGuest -> SG jazzz-server01 JazzGuest
JazzUsers -> SG jazzz-server01 JazzUsers
JazzProjectAdmins -> SG jazzz-server01 JazzProjectAdmins
We tried following:
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=SG jazz-server01 JazzUsers,...
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\="SG jazz-server01 JazzAdmins", JazzUsers\="SG jazz-server01 JazzUsers",...
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\='SG jazz-server01 JazzAdmins', JazzUsers\='SG jazz-server01 JazzUsers',...
But nothing works :-(
Any suggestions?
TYIA
DC
Yes, thats correct.
Did you encounter any problems after configuring the LDAP groups ? You can use https://serverName:9443/jazz/setup to configure your LDAP server. You can test the configuration using "Test connection" button in the ldap setup page. This will query the groups in LDAP and test your configuration.
--- Balaji
Jazz Server Team
Hello,
according to company policies we have to have LDAP groups with spaces in names
e.g.
cn=SG jazz-server01 JazzAdmins
how we should set group mapping parameter?
e.g.
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=...
thank you in advance
David Csikkel
[quote][/quote]
Hi all,
problem is solved :-)
We had bad assumption that group mapping is done only by Jazz configuration (teamserver.properties).
In the moment when we have changed web.xml everything started to work.
Guideline:
http://publib.boulder.ibm.com/infocenter/ieduasst/rtnv1r0/index.jsp?topic=/com.ibm.iea.rtc/rtc/1.0/Usability/JazzRTCLDAPConfiguration/player.html
David Csikkel
Consultant, Tieto
problem is solved :-)
We had bad assumption that group mapping is done only by Jazz configuration (teamserver.properties).
In the moment when we have changed web.xml everything started to work.
Guideline:
http://publib.boulder.ibm.com/infocenter/ieduasst/rtnv1r0/index.jsp?topic=/com.ibm.iea.rtc/rtc/1.0/Usability/JazzRTCLDAPConfiguration/player.html
David Csikkel
Consultant, Tieto